Active exploitation of max severity Flowise bug threatens broad compromise

Vulnerability Management, Patch/Configuration Management, AI/ML

More than 12,000 internet-exposed instances of the open-source AI agent builder Flowise could be compromised through ongoing exploitation of a maximum-severity code injection flaw, tracked as CVE-2025-59528, which can lead to remote code execution, reports The Hacker News.

Intrusions involving CVE-2025-59528, which Flowise addressed in September, originated from a single Starlink IP address, according to VulnCheck researchers. Flowise noted that exploiting the vulnerability, which was identified and reported by researcher Kim SooHyun, could give an attacker access to risky modules such as child_process and fs, with subsequent system compromise, file system infiltration, and data theft.

"This is a critical-severity bug in a popular AI platform used by a number of large corporations. This specific vulnerability has been public for more than six months, which means defenders have had time to prioritize and patch the vulnerability," said VulnCheck Vice President of Security Research Caitlin Condon.